GtkWidget *
ws_802_1x_auth_combo_init (WirelessSecurity *sec,
const char *combo_name,
const char *combo_label,
GCallback auth_combo_changed_cb,
NMConnection *connection,
gboolean is_editor,
gboolean secrets_only)
{
GtkWidget *combo, *widget;
GtkListStore *auth_model;
GtkTreeIter iter;
EAPMethodSimple *em_md5;
EAPMethodTLS *em_tls;
EAPMethodLEAP *em_leap;
EAPMethodFAST *em_fast;
EAPMethodTTLS *em_ttls;
EAPMethodPEAP *em_peap;
const char *default_method = NULL, *ctype = NULL;
int active = -1, item = 0;
gboolean wired = FALSE;
/* Grab the default EAP method out of the security object */
if (connection) {
NMSettingConnection *s_con;
NMSetting8021x *s_8021x;
s_con = nm_connection_get_setting_connection (connection);
if (s_con)
ctype = nm_setting_connection_get_connection_type (s_con);
if ( (g_strcmp0 (ctype, NM_SETTING_WIRED_SETTING_NAME) == 0)
|| nm_connection_get_setting_wired (connection))
wired = TRUE;
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x && nm_setting_802_1x_get_num_eap_methods (s_8021x))
default_method = nm_setting_802_1x_get_eap_method (s_8021x, 0);
}
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_g_type ());
if (wired) {
em_md5 = eap_method_simple_new (sec,
connection,
EAP_METHOD_SIMPLE_TYPE_MD5,
FALSE,
is_editor,
secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("MD5"),
AUTH_METHOD_COLUMN, em_md5,
-1);
eap_method_unref (EAP_METHOD (em_md5));
if (default_method && (active < 0) && !strcmp (default_method, "md5"))
active = item;
item++;
}
em_tls = eap_method_tls_new (sec, connection, FALSE, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("TLS"),
AUTH_METHOD_COLUMN, em_tls,
-1);
eap_method_unref (EAP_METHOD (em_tls));
if (default_method && (active < 0) && !strcmp (default_method, "tls"))
active = item;
item++;
if (!wired) {
em_leap = eap_method_leap_new (sec, connection, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("LEAP"),
AUTH_METHOD_COLUMN, em_leap,
-1);
eap_method_unref (EAP_METHOD (em_leap));
if (default_method && (active < 0) && !strcmp (default_method, "leap"))
active = item;
item++;
}
em_fast = eap_method_fast_new (sec, connection, is_editor, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("FAST"),
AUTH_METHOD_COLUMN, em_fast,
-1);
eap_method_unref (EAP_METHOD (em_fast));
if (default_method && (active < 0) && !strcmp (default_method, "fast"))
active = item;
item++;
em_ttls = eap_method_ttls_new (sec, connection, is_editor, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("Tunneled TLS"),
AUTH_METHOD_COLUMN, em_ttls,
-1);
eap_method_unref (EAP_METHOD (em_ttls));
if (default_method && (active < 0) && !strcmp (default_method, "ttls"))
active = item;
item++;
em_peap = eap_method_peap_new (sec, connection, is_editor, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("Protected EAP (PEAP)"),
AUTH_METHOD_COLUMN, em_peap,
-1);
eap_method_unref (EAP_METHOD (em_peap));
if (default_method && (active < 0) && !strcmp (default_method, "peap"))
active = item;
item++;
combo = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name));
g_assert (combo);
gtk_combo_box_set_model (GTK_COMBO_BOX (combo), GTK_TREE_MODEL (auth_model));
g_object_unref (G_OBJECT (auth_model));
gtk_combo_box_set_active (GTK_COMBO_BOX (combo), active < 0 ? 0 : (guint32) active);
g_signal_connect (G_OBJECT (combo), "changed", auth_combo_changed_cb, sec);
if (secrets_only) {
gtk_widget_hide (combo);
widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_label));
gtk_widget_hide (widget);
}
return combo;
}
static gboolean
check_connection_cloned_mac_address (NMConnection *orig,
NMConnection *candidate,
GHashTable *settings)
{
GHashTable *props;
const char *orig_mac = NULL, *cand_mac = NULL;
NMSettingWired *s_wired_orig, *s_wired_cand;
props = check_property_in_hash (settings,
NM_SETTING_WIRED_SETTING_NAME,
NM_SETTING_WIRED_CLONED_MAC_ADDRESS);
if (!props)
return TRUE;
/* If one of the MAC addresses is NULL, we accept that connection */
s_wired_orig = nm_connection_get_setting_wired (orig);
if (s_wired_orig)
orig_mac = nm_setting_wired_get_cloned_mac_address (s_wired_orig);
s_wired_cand = nm_connection_get_setting_wired (candidate);
if (s_wired_cand)
cand_mac = nm_setting_wired_get_cloned_mac_address (s_wired_cand);
if (!orig_mac || !cand_mac) {
remove_from_hash (settings, props,
NM_SETTING_WIRED_SETTING_NAME,
NM_SETTING_WIRED_CLONED_MAC_ADDRESS);
return TRUE;
}
return FALSE;
}
CEPage *
ce_page_wired_new (NMConnection *connection,
GtkWindow *parent_window,
NMClient *client,
const char **out_secrets_setting_name,
GError **error)
{
CEPageWired *self;
CEPageWiredPrivate *priv;
self = CE_PAGE_WIRED (ce_page_new (CE_TYPE_PAGE_WIRED,
connection,
parent_window,
client,
UIDIR "/ce-page-wired.ui",
"WiredPage",
_("Wired")));
if (!self) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load wired user interface."));
return NULL;
}
wired_private_init (self);
priv = CE_PAGE_WIRED_GET_PRIVATE (self);
priv->setting = nm_connection_get_setting_wired (connection);
if (!priv->setting) {
priv->setting = NM_SETTING_WIRED (nm_setting_wired_new ());
nm_connection_add_setting (connection, NM_SETTING (priv->setting));
}
g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);
return CE_PAGE (self);
}
/* return value must be freed by caller with g_free() */
static gchar *
get_mac_address_of_connection (NMConnection *connection)
{
const GByteArray *mac = NULL;
if (!connection)
return NULL;
/* check the connection type */
if (nm_connection_is_type (connection,
NM_SETTING_WIRELESS_SETTING_NAME))
{
/* check wireless settings */
NMSettingWireless *s_wireless = nm_connection_get_setting_wireless (connection);
if (!s_wireless)
return NULL;
mac = nm_setting_wireless_get_mac_address (s_wireless);
if (mac)
return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
}
else if (nm_connection_is_type (connection,
NM_SETTING_WIRED_SETTING_NAME))
{
/* check wired settings */
NMSettingWired *s_wired = nm_connection_get_setting_wired (connection);
if (!s_wired)
return NULL;
mac = nm_setting_wired_get_mac_address (s_wired);
if (mac)
return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
}
else if (nm_connection_is_type (connection,
NM_SETTING_WIMAX_SETTING_NAME))
{
/* check wimax settings */
NMSettingWimax *s_wimax = nm_connection_get_setting_wimax (connection);
if (!s_wimax)
return NULL;
mac = nm_setting_wimax_get_mac_address (s_wimax);
if (mac)
return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
}
else if (nm_connection_is_type (connection,
NM_SETTING_INFINIBAND_SETTING_NAME))
{
/* check infiniband settings */
NMSettingInfiniband *s_infiniband = \
nm_connection_get_setting_infiniband (connection);
if (!s_infiniband)
return NULL;
mac = nm_setting_infiniband_get_mac_address (s_infiniband);
if (mac)
return nm_utils_hwaddr_ntoa (mac->data,
ARPHRD_INFINIBAND);
}
/* no MAC address found */
return NULL;
}
static gboolean
check_connection_s390_props (NMConnection *orig,
NMConnection *candidate,
GHashTable *settings)
{
GHashTable *props1, *props2, *props3;
NMSettingWired *s_wired_orig, *s_wired_cand;
props1 = check_property_in_hash (settings,
NM_SETTING_WIRED_SETTING_NAME,
NM_SETTING_WIRED_S390_SUBCHANNELS);
props2 = check_property_in_hash (settings,
NM_SETTING_WIRED_SETTING_NAME,
NM_SETTING_WIRED_S390_NETTYPE);
props3 = check_property_in_hash (settings,
NM_SETTING_WIRED_SETTING_NAME,
NM_SETTING_WIRED_S390_OPTIONS);
if (!props1 && !props2 && !props3)
return TRUE;
/* If the generated connection did not contain wired setting,
* allow it to match to a connection with a wired setting,
* but default (empty) s390-* properties */
s_wired_orig = nm_connection_get_setting_wired (orig);
s_wired_cand = nm_connection_get_setting_wired (candidate);
if (!s_wired_orig && s_wired_cand) {
const char * const *subchans = nm_setting_wired_get_s390_subchannels (s_wired_cand);
const char *nettype = nm_setting_wired_get_s390_nettype (s_wired_cand);
guint32 num_options = nm_setting_wired_get_num_s390_options (s_wired_cand);
if ((!subchans || !*subchans) && !nettype && num_options == 0) {
remove_from_hash (settings, props1,
NM_SETTING_WIRED_SETTING_NAME,
NM_SETTING_WIRED_S390_SUBCHANNELS);
remove_from_hash (settings, props2,
NM_SETTING_WIRED_SETTING_NAME,
NM_SETTING_WIRED_S390_NETTYPE);
remove_from_hash (settings, props3,
NM_SETTING_WIRED_SETTING_NAME,
NM_SETTING_WIRED_S390_OPTIONS);
return TRUE;
}
}
return FALSE;
}
static gboolean
connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
NMSettingConnection *s_con;
NMSettingVlan *s_vlan;
NMSettingWired *s_wired;
const char *ctype, *dev_iface_name, *vlan_iface_name;
const GByteArray *mac_address;
char *mac_address_str;
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
ctype = nm_setting_connection_get_connection_type (s_con);
if (strcmp (ctype, NM_SETTING_VLAN_SETTING_NAME) != 0) {
g_set_error (error, NM_DEVICE_VLAN_ERROR, NM_DEVICE_VLAN_ERROR_NOT_VLAN_CONNECTION,
"The connection was not a VLAN connection.");
return FALSE;
}
s_vlan = nm_connection_get_setting_vlan (connection);
if (!s_vlan) {
g_set_error (error, NM_DEVICE_VLAN_ERROR, NM_DEVICE_VLAN_ERROR_INVALID_VLAN_CONNECTION,
"The connection was not a valid VLAN connection.");
return FALSE;
}
if (nm_setting_vlan_get_id (s_vlan) != nm_device_vlan_get_vlan_id (NM_DEVICE_VLAN (device))) {
g_set_error (error, NM_DEVICE_VLAN_ERROR, NM_DEVICE_VLAN_ERROR_ID_MISMATCH,
"The VLAN identifiers of the device and the connection didn't match.");
return FALSE;
}
dev_iface_name = nm_device_get_iface (device);
vlan_iface_name = nm_setting_vlan_get_interface_name (s_vlan);
if (vlan_iface_name && g_strcmp0 (dev_iface_name, vlan_iface_name) != 0) {
g_set_error (error, NM_DEVICE_VLAN_ERROR, NM_DEVICE_VLAN_ERROR_INTERFACE_MISMATCH,
"The interfaces of the device and the connection didn't match.");
return FALSE;
}
s_wired = nm_connection_get_setting_wired (connection);
if (s_wired)
mac_address = nm_setting_wired_get_mac_address (s_wired);
else
mac_address = NULL;
if (mac_address) {
mac_address_str = nm_utils_hwaddr_ntoa_len (mac_address->data, mac_address->len);
if (!g_strcmp0 (mac_address_str, NM_DEVICE_VLAN_GET_PRIVATE (device)->hw_address)) {
g_set_error (error, NM_DEVICE_VLAN_ERROR, NM_DEVICE_VLAN_ERROR_MAC_MISMATCH,
"The hardware address of the device and the connection didn't match.");
}
g_free (mac_address_str);
}
return NM_DEVICE_CLASS (nm_device_vlan_parent_class)->connection_compatible (device, connection, error);
}
static gboolean
verify (NMSetting *setting, NMConnection *connection, GError **error)
{
NMSettingMacvlanPrivate *priv = NM_SETTING_MACVLAN_GET_PRIVATE (setting);
NMSettingConnection *s_con;
NMSettingWired *s_wired;
if (connection) {
s_con = nm_connection_get_setting_connection (connection);
s_wired = nm_connection_get_setting_wired (connection);
} else {
s_con = NULL;
s_wired = NULL;
}
if (priv->parent) {
if ( !nm_utils_is_uuid (priv->parent)
&& !nm_utils_iface_valid_name (priv->parent)) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("'%s' is neither an UUID nor an interface name"),
priv->parent);
g_prefix_error (error, "%s.%s: ", NM_SETTING_MACVLAN_SETTING_NAME, NM_SETTING_MACVLAN_PARENT);
return FALSE;
}
} else {
/* If parent is NULL, the parent must be specified via
* NMSettingWired:mac-address.
*/
if ( connection
&& (!s_wired || !nm_setting_wired_get_mac_address (s_wired))) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_MISSING_PROPERTY,
_("property is not specified and neither is '%s:%s'"),
NM_SETTING_WIRED_SETTING_NAME, NM_SETTING_WIRED_MAC_ADDRESS);
g_prefix_error (error, "%s.%s: ", NM_SETTING_MACVLAN_SETTING_NAME, NM_SETTING_MACVLAN_PARENT);
return FALSE;
}
}
if (!priv->promiscuous && priv->mode != NM_SETTING_MACVLAN_MODE_PASSTHRU) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("non promiscuous operation is allowed only in passthru mode'"));
g_prefix_error (error, "%s.%s: ",
NM_SETTING_MACVLAN_SETTING_NAME,
NM_SETTING_MACVLAN_PROMISCUOUS);
return FALSE;
}
return TRUE;
}
static gboolean
connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
NMSettingConnection *s_con;
NMSettingWired *s_wired;
const char *ctype;
gboolean is_pppoe = FALSE;
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
ctype = nm_setting_connection_get_connection_type (s_con);
if (!strcmp (ctype, NM_SETTING_PPPOE_SETTING_NAME))
is_pppoe = TRUE;
else if (strcmp (ctype, NM_SETTING_WIRED_SETTING_NAME) != 0) {
g_set_error (error, NM_DEVICE_ETHERNET_ERROR, NM_DEVICE_ETHERNET_ERROR_NOT_ETHERNET_CONNECTION,
"The connection was not a wired or PPPoE connection.");
return FALSE;
}
s_wired = nm_connection_get_setting_wired (connection);
/* Wired setting optional for PPPoE */
if (!is_pppoe && !s_wired) {
g_set_error (error, NM_DEVICE_ETHERNET_ERROR, NM_DEVICE_ETHERNET_ERROR_INVALID_ETHERNET_CONNECTION,
"The connection was not a valid ethernet connection.");
return FALSE;
}
if (s_wired) {
const GByteArray *mac;
const char *perm_str;
struct ether_addr *perm_mac;
/* FIXME: filter using s390 subchannels when they are exported over the bus */
/* Check MAC address */
perm_str = nm_device_ethernet_get_permanent_hw_address (NM_DEVICE_ETHERNET (device));
if (perm_str) {
perm_mac = ether_aton (perm_str);
if (!perm_mac) {
g_set_error (error, NM_DEVICE_ETHERNET_ERROR, NM_DEVICE_ETHERNET_ERROR_INVALID_DEVICE_MAC,
"Invalid device MAC address.");
return FALSE;
}
mac = nm_setting_wired_get_mac_address (s_wired);
if (mac && perm_mac && memcmp (mac->data, perm_mac->ether_addr_octet, ETH_ALEN)) {
g_set_error (error, NM_DEVICE_ETHERNET_ERROR, NM_DEVICE_ETHERNET_ERROR_MAC_MISMATCH,
"The MACs of the device and the connection didn't match.");
return FALSE;
}
}
}
return NM_DEVICE_CLASS (nm_device_ethernet_parent_class)->connection_compatible (device, connection, error);
}
static NMActStageReturn
act_stage1_prepare (NMDevice *dev, NMDeviceStateReason *reason)
{
NMActRequest *req;
NMConnection *connection;
NMSettingVlan *s_vlan;
NMSettingWired *s_wired;
const char *cloned_mac;
NMActStageReturn ret;
g_return_val_if_fail (reason != NULL, NM_ACT_STAGE_RETURN_FAILURE);
ret = NM_DEVICE_CLASS (nm_device_vlan_parent_class)->act_stage1_prepare (dev, reason);
if (ret != NM_ACT_STAGE_RETURN_SUCCESS)
return ret;
req = nm_device_get_act_request (dev);
g_return_val_if_fail (req != NULL, NM_ACT_STAGE_RETURN_FAILURE);
connection = nm_act_request_get_connection (req);
g_return_val_if_fail (connection != NULL, NM_ACT_STAGE_RETURN_FAILURE);
s_wired = nm_connection_get_setting_wired (connection);
if (s_wired) {
/* Set device MAC address if the connection wants to change it */
cloned_mac = nm_setting_wired_get_cloned_mac_address (s_wired);
if (cloned_mac)
nm_device_set_hw_addr (dev, cloned_mac, "set", LOGD_VLAN);
}
s_vlan = nm_connection_get_setting_vlan (connection);
if (s_vlan) {
int ifindex = nm_device_get_ifindex (dev);
int num, i;
guint32 from, to;
num = nm_setting_vlan_get_num_priorities (s_vlan, NM_VLAN_INGRESS_MAP);
for (i = 0; i < num; i++) {
if (nm_setting_vlan_get_priority (s_vlan, NM_VLAN_INGRESS_MAP, i, &from, &to))
nm_platform_vlan_set_ingress_map (ifindex, from, to);
}
num = nm_setting_vlan_get_num_priorities (s_vlan, NM_VLAN_EGRESS_MAP);
for (i = 0; i < num; i++) {
if (nm_setting_vlan_get_priority (s_vlan, NM_VLAN_EGRESS_MAP, i, &from, &to))
nm_platform_vlan_set_egress_map (ifindex, from, to);
}
}
return ret;
}
static void
ip4_config_pre_commit (NMDevice *device, NMIP4Config *config)
{
NMConnection *connection;
NMSettingWired *s_wired;
guint32 mtu;
connection = nm_device_get_applied_connection (device);
g_assert (connection);
s_wired = nm_connection_get_setting_wired (connection);
if (s_wired) {
mtu = nm_setting_wired_get_mtu (s_wired);
if (mtu)
nm_ip4_config_set_mtu (config, mtu, NM_IP_CONFIG_SOURCE_USER);
}
}
static gboolean
match_hwaddr (NMDevice *device, NMConnection *connection, gboolean fail_if_no_hwaddr)
{
NMSettingWired *s_wired;
const char *setting_mac;
const char *device_mac;
s_wired = nm_connection_get_setting_wired (connection);
if (!s_wired)
return !fail_if_no_hwaddr;
setting_mac = nm_setting_wired_get_mac_address (s_wired);
if (!setting_mac)
return !fail_if_no_hwaddr;
device_mac = nm_device_get_hw_address (device);
return nm_utils_hwaddr_matches (setting_mac, -1, device_mac, -1);
}
static gboolean
connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
NMSettingWired *s_wired;
gboolean is_pppoe = FALSE;
if (!NM_DEVICE_CLASS (nm_device_ethernet_parent_class)->connection_compatible (device, connection, error))
return FALSE;
if (nm_connection_is_type (connection, NM_SETTING_PPPOE_SETTING_NAME))
is_pppoe = TRUE;
else if (!nm_connection_is_type (connection, NM_SETTING_WIRED_SETTING_NAME)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("The connection was not an Ethernet or PPPoE connection."));
return FALSE;
}
s_wired = nm_connection_get_setting_wired (connection);
/* Wired setting optional for PPPoE */
if (s_wired) {
const char *perm_addr, *setting_addr;
/* FIXME: filter using s390 subchannels when they are exported over the bus */
/* Check MAC address */
perm_addr = nm_device_ethernet_get_permanent_hw_address (NM_DEVICE_ETHERNET (device));
if (perm_addr) {
if (!nm_utils_hwaddr_valid (perm_addr, ETH_ALEN)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_FAILED,
_("Invalid device MAC address."));
return FALSE;
}
setting_addr = nm_setting_wired_get_mac_address (s_wired);
if (setting_addr && !nm_utils_hwaddr_matches (setting_addr, -1, perm_addr, -1)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("The MACs of the device and the connection didn't match."));
return FALSE;
}
}
}
return TRUE;
}
static void
bind_device_to_connection (SCPluginIfupdown *self,
GUdevDevice *device,
NMIfupdownConnection *exported)
{
GByteArray *mac_address;
NMSettingWired *s_wired;
NMSettingWireless *s_wifi;
const char *iface, *address;
iface = g_udev_device_get_name (device);
if (!iface) {
PLUGIN_WARN ("SCPluginIfupdown", "failed to get ifname for device.");
return;
}
address = g_udev_device_get_sysfs_attr (device, "address");
if (!address || !strlen (address)) {
PLUGIN_WARN ("SCPluginIfupdown", "failed to get MAC address for %s", iface);
return;
}
mac_address = nm_utils_hwaddr_atoba (address, ARPHRD_ETHER);
if (!mac_address) {
PLUGIN_WARN ("SCPluginIfupdown", "failed to parse MAC address '%s' for %s",
address, iface);
return;
}
s_wired = nm_connection_get_setting_wired (NM_CONNECTION (exported));
s_wifi = nm_connection_get_setting_wireless (NM_CONNECTION (exported));
if (s_wired) {
PLUGIN_PRINT ("SCPluginIfupdown", "locking wired connection setting");
g_object_set (s_wired, NM_SETTING_WIRED_MAC_ADDRESS, mac_address, NULL);
} else if (s_wifi) {
PLUGIN_PRINT ("SCPluginIfupdown", "locking wireless connection setting");
g_object_set (s_wifi, NM_SETTING_WIRELESS_MAC_ADDRESS, mac_address, NULL);
}
g_byte_array_free (mac_address, TRUE);
nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), ignore_cb, NULL);
}
static gboolean
connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
NMDeviceVlanPrivate *priv;
NMSettingVlan *s_vlan;
NMSettingWired *s_wired;
const char *setting_hwaddr;
if (!NM_DEVICE_CLASS (nm_device_vlan_parent_class)->connection_compatible (device, connection, error))
return FALSE;
if (!nm_connection_is_type (connection, NM_SETTING_VLAN_SETTING_NAME)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("The connection was not a VLAN connection."));
return FALSE;
}
s_vlan = nm_connection_get_setting_vlan (connection);
if (nm_setting_vlan_get_id (s_vlan) != nm_device_vlan_get_vlan_id (NM_DEVICE_VLAN (device))) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("The VLAN identifiers of the device and the connection didn't match."));
return FALSE;
}
s_wired = nm_connection_get_setting_wired (connection);
if (s_wired)
setting_hwaddr = nm_setting_wired_get_mac_address (s_wired);
else
setting_hwaddr = NULL;
if (setting_hwaddr) {
priv = NM_DEVICE_VLAN_GET_PRIVATE (device);
if ( !priv->hw_address
|| !nm_utils_hwaddr_matches (setting_hwaddr, -1,
priv->hw_address, -1)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("The hardware address of the device and the connection didn't match."));
}
}
return TRUE;
}
static gboolean
match_hwaddr (NMDevice *device, NMConnection *connection, gboolean fail_if_no_hwaddr)
{
NMDeviceMacvlanPrivate *priv = NM_DEVICE_MACVLAN_GET_PRIVATE (device);
NMSettingWired *s_wired;
const char *setting_mac;
const char *parent_mac;
s_wired = nm_connection_get_setting_wired (connection);
if (!s_wired)
return !fail_if_no_hwaddr;
setting_mac = nm_setting_wired_get_mac_address (s_wired);
if (!setting_mac)
return !fail_if_no_hwaddr;
if (!priv->parent)
return !fail_if_no_hwaddr;
parent_mac = nm_device_get_permanent_hw_address (priv->parent, FALSE);
return parent_mac && nm_utils_hwaddr_matches (setting_mac, -1, parent_mac, -1);
}
static void
bind_device_to_connection (SettingsPluginIfupdown *self,
GUdevDevice *device,
NMIfupdownConnection *exported)
{
NMSettingWired *s_wired;
NMSettingWireless *s_wifi;
const char *iface, *address;
iface = g_udev_device_get_name (device);
if (!iface) {
nm_log_warn (LOGD_SETTINGS, "failed to get ifname for device.");
return;
}
address = g_udev_device_get_sysfs_attr (device, "address");
if (!address || !strlen (address)) {
nm_log_warn (LOGD_SETTINGS, "failed to get MAC address for %s", iface);
return;
}
if (!nm_utils_hwaddr_valid (address, ETH_ALEN)) {
nm_log_warn (LOGD_SETTINGS, "failed to parse MAC address '%s' for %s",
address, iface);
return;
}
s_wired = nm_connection_get_setting_wired (NM_CONNECTION (exported));
s_wifi = nm_connection_get_setting_wireless (NM_CONNECTION (exported));
if (s_wired) {
nm_log_info (LOGD_SETTINGS, "locking wired connection setting");
g_object_set (s_wired, NM_SETTING_WIRED_MAC_ADDRESS, address, NULL);
} else if (s_wifi) {
nm_log_info (LOGD_SETTINGS, "locking wireless connection setting");
g_object_set (s_wifi, NM_SETTING_WIRELESS_MAC_ADDRESS, address, NULL);
}
nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), NM_SETTINGS_CONNECTION_COMMIT_REASON_NONE, NULL, NULL);
}
static const char *
get_connection_parent (NMDeviceFactory *factory, NMConnection *connection)
{
NMSettingVlan *s_vlan;
NMSettingWired *s_wired;
const char *parent = NULL;
g_return_val_if_fail (nm_connection_is_type (connection, NM_SETTING_VLAN_SETTING_NAME), NULL);
s_vlan = nm_connection_get_setting_vlan (connection);
g_assert (s_vlan);
parent = nm_setting_vlan_get_parent (s_vlan);
if (parent)
return parent;
/* Try the hardware address from the VLAN connection's hardware setting */
s_wired = nm_connection_get_setting_wired (connection);
if (s_wired)
return nm_setting_wired_get_mac_address (s_wired);
return NULL;
}
static NMActStageReturn
act_stage1_prepare (NMDevice *device, NMDeviceStateReason *reason)
{
NMDeviceTun *self = NM_DEVICE_TUN (device);
NMDeviceTunPrivate *priv = NM_DEVICE_TUN_GET_PRIVATE (self);
NMActRequest *req;
NMConnection *connection;
NMSettingWired *s_wired;
const char *cloned_mac;
NMActStageReturn ret;
g_return_val_if_fail (reason != NULL, NM_ACT_STAGE_RETURN_FAILURE);
ret = NM_DEVICE_CLASS (nm_device_tun_parent_class)->act_stage1_prepare (device, reason);
if (ret != NM_ACT_STAGE_RETURN_SUCCESS)
return ret;
/* Nothing to do for TUN devices */
if (g_strcmp0 (priv->mode, "tap"))
return NM_ACT_STAGE_RETURN_SUCCESS;
req = nm_device_get_act_request (device);
g_return_val_if_fail (req != NULL, NM_ACT_STAGE_RETURN_FAILURE);
connection = nm_act_request_get_applied_connection (req);
g_return_val_if_fail (connection != NULL, NM_ACT_STAGE_RETURN_FAILURE);
s_wired = nm_connection_get_setting_wired (connection);
if (s_wired) {
/* Set device MAC address if the connection wants to change it */
cloned_mac = nm_setting_wired_get_cloned_mac_address (s_wired);
if (cloned_mac)
nm_device_set_hw_addr (device, cloned_mac, "set", LOGD_DEVICE);
}
return NM_ACT_STAGE_RETURN_SUCCESS;
}
static gboolean
connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
NMSettingWired *s_wired;
if (!NM_DEVICE_CLASS (nm_device_ethernet_parent_class)->connection_compatible (device, connection, error))
return FALSE;
if (nm_connection_is_type (connection, NM_SETTING_PPPOE_SETTING_NAME)) {
/* NOP */
} else if (!nm_connection_is_type (connection, NM_SETTING_WIRED_SETTING_NAME)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("The connection was not an Ethernet or PPPoE connection."));
return FALSE;
}
s_wired = nm_connection_get_setting_wired (connection);
/* Wired setting optional for PPPoE */
if (s_wired) {
const char *perm_addr, *s_mac;
gboolean try_mac = TRUE;
const char * const *mac_blacklist;
int i;
/* Check s390 subchannels */
if (!match_subchans (NM_DEVICE_ETHERNET (device), s_wired, &try_mac)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("The connection and device differ in S390 subchannels."));
return FALSE;
}
/* Check MAC address */
perm_addr = nm_device_ethernet_get_permanent_hw_address (NM_DEVICE_ETHERNET (device));
s_mac = nm_setting_wired_get_mac_address (s_wired);
if (perm_addr) {
if (!nm_utils_hwaddr_valid (perm_addr, ETH_ALEN)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_FAILED,
_("Invalid device MAC address."));
return FALSE;
}
if (try_mac && s_mac && !nm_utils_hwaddr_matches (s_mac, -1, perm_addr, -1)) {
g_set_error_literal (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("The MACs of the device and the connection do not match."));
return FALSE;
}
/* Check for MAC address blacklist */
mac_blacklist = nm_setting_wired_get_mac_address_blacklist (s_wired);
for (i = 0; mac_blacklist[i]; i++) {
if (!nm_utils_hwaddr_valid (mac_blacklist[i], ETH_ALEN)) {
g_warn_if_reached ();
g_set_error (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("Invalid MAC in the blacklist: %s."), mac_blacklist[i]);
return FALSE;
}
if (nm_utils_hwaddr_matches (mac_blacklist[i], -1, perm_addr, -1)) {
g_set_error (error, NM_DEVICE_ERROR, NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
_("Device MAC (%s) is blacklisted by the connection."), perm_addr);
return FALSE;
}
}
}
}
return TRUE;
}
static gboolean
verify (NMSetting *setting, NMConnection *connection, GError **error)
{
NMSettingVlanPrivate *priv = NM_SETTING_VLAN_GET_PRIVATE (setting);
NMSettingConnection *s_con;
NMSettingWired *s_wired;
if (connection) {
s_con = nm_connection_get_setting_connection (connection);
s_wired = nm_connection_get_setting_wired (connection);
} else {
s_con = NULL;
s_wired = NULL;
}
if (priv->parent) {
if (nm_utils_is_uuid (priv->parent)) {
/* If we have an NMSettingConnection:master with slave-type="vlan",
* then it must be the same UUID.
*/
if (s_con) {
const char *master = NULL, *slave_type = NULL;
slave_type = nm_setting_connection_get_slave_type (s_con);
if (!g_strcmp0 (slave_type, NM_SETTING_VLAN_SETTING_NAME))
master = nm_setting_connection_get_master (s_con);
if (master && g_strcmp0 (priv->parent, master) != 0) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("'%s' value doesn't match '%s=%s'"),
priv->parent, NM_SETTING_CONNECTION_MASTER, master);
g_prefix_error (error, "%s.%s: ", NM_SETTING_VLAN_SETTING_NAME, NM_SETTING_VLAN_PARENT);
return FALSE;
}
}
} else if (!nm_utils_iface_valid_name (priv->parent)) {
/* parent must be either a UUID or an interface name */
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("'%s' is neither an UUID nor an interface name"),
priv->parent);
g_prefix_error (error, "%s.%s: ", NM_SETTING_VLAN_SETTING_NAME, NM_SETTING_VLAN_PARENT);
return FALSE;
}
} else {
/* If parent is NULL, the parent must be specified via
* NMSettingWired:mac-address.
*/
if ( connection
&& (!s_wired || !nm_setting_wired_get_mac_address (s_wired))) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_MISSING_PROPERTY,
_("property is not specified and neither is '%s:%s'"),
NM_SETTING_WIRED_SETTING_NAME, NM_SETTING_WIRED_MAC_ADDRESS);
g_prefix_error (error, "%s.%s: ", NM_SETTING_VLAN_SETTING_NAME, NM_SETTING_VLAN_PARENT);
return FALSE;
}
}
if (priv->id >= 4095) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("the vlan id must be in range 0-4094 but is %u"),
priv->id);
g_prefix_error (error, "%s.%s: ", NM_SETTING_VLAN_SETTING_NAME, NM_SETTING_VLAN_ID);
}
if (priv->flags & ~NM_VLAN_FLAGS_ALL) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("flags are invalid"));
g_prefix_error (error, "%s.%s: ", NM_SETTING_VLAN_SETTING_NAME, NM_SETTING_VLAN_FLAGS);
return FALSE;
}
return TRUE;
}
